Stripe handles card dataOnline payments are processed by Stripe. MagiBooking does not store client card numbers.
Security and data safety
Payments, uploads, and customer data handled with clear guardrails
MagiBooking should feel trustworthy before a merchant connects Stripe or uploads customer records. The public security page explains what is checked, what is rejected, and what is logged.
Safer file uploadsCSV, Excel, image, PDF, and text uploads follow strict type, size, header, and count rules.
Merchant audit trailUpload attempts record the actor, filename, size, pass/fail result, and reason when rejected.
Safe upload
Data import safety
Every upload path should use the same safe-upload gateway so rules are predictable for merchants and enforceable by the backend.
CSV / Excel import
.csv and .xlsx only, maximum 4MB, up to 500 rows per import.
Logo and brand images
png, jpg, jpeg, or webp only, maximum 3MB.
Support attachments
png, jpg, jpeg, webp, pdf, or txt only, maximum 8MB each, up to 5 files.
Backend checks
Size, extension, MIME type, file signature, empty file, row count, and file count.
High-risk files are rejected
.exe.js.html.svg.php.zip.docm.xlsm
Audit log fields
Merchant or userOriginal filenameFile sizePolicy nameAllowed or rejectedFailure reasonTimestamp